Cannot login to web console sql and ldap

Hi all I have an established openfire server that died. So I created a new Win Server 2008r2 standard server, installed openfire 3.9.3 we are connected up to the ms sql server again and when I specify authorized users it lets me add in the admins, if I get one wrong it lets me know it couldnt find that user.

Immediatly after setup I can login to the web console as these authorized users but after a restart no luck.

If I rerun setup by modifying the xml same behavior. 1st time is ok, reboot and it’s broken.

Ive turned debugging on but dont know what to look for there. I know my Base and admin DN’s are good and I have no issues with users signing into the IM system so the ldap connection is good.

Any ideas?

So Basicly LDAP users can login to the IM Client and use Spark / Openfire, and “admin” users are able to do the same?

When These Admin users try to login to the Admin console they get an error saying “the Users is not an admin” ?

If so, then im having the same issue from time to time.

To regain acces to the admin console add the bold text to your openfire.xml in bin/conf/ :

*** USER@SERVERNAME *** 9090 9091


after this restart the service and you should be able to log in to the console as an admin.

When i get locked out of the admin console it seems to be when i add multiple admins to Openfire and the db property is enabled for encryption;

So after gaining acces, go to server properties and try adding just one admin and try disabling property encryption for admin.AuthorizedJIDS and go from there ?!

Well this is sortof my issue, all LDAP users can log into the IM client including LDAP users defined as admins during setup.

I will add the XML lines and try again but they are in the SQL database, I know I’ve verified it yesterday.

Another question I’ve got is should the XMPP domain be whatever my service URL is or the server name?

Also regarding the JID’s, should the domain of the authorized JID’s match the server name or the specified XMPP domain?

I’ve tried every convievable combination and no joy.

Additionally: The error I get after trying to sign in is also not as described, the verbiage is “Login
failed: make sure your username and password are correct and that you’re an
admin or moderator.”

The Error i get is exactly as you stated :


failed: make sure your username and password are correct and that you’re an

admin or moderator". I didnt have the exact error message when i replied.

So your problem seems to be similar to mine. Im running OF 3.9.3 on Win 2K8r2.

in your config files there is a security.xml, where db properties are definied wich are encrypted automagicly.

  • Make shure admin.AuthorizedJIDS is not listed in security.xml

  • edit openfire.xml as stated above. Your JID when using AD users is SamAccountName@Openfire server.

EG. Assuming Active Directory? : Your user is Chris, your domain contoso.local And your server called Server1.contoso.local your JID IS Chris@server1.contoso.local

Save openfire.xml

Restart openfire service.

Login to console using “Chris” and the AD password.

O and make shure to ad the < admin> <\admin> tags above

Oh ok, thanks for your advice so far lots of things for me to check. I went in with SQL mgmt studio and:

set the admin.authorizedJIDs values to AD samaccountname@fqdn of host server

set xmpp.domain to fqdn of host server

This is in my security.xml






Also I’ve added the lines in bold to my openfire.xml and it’s still not letting me in!

Then maybe try setting Setup to false in your opefire, xml so you can run the setup wizard again and gain access that way?

after you get acces try adding just one admin to Openfire and make shure the entry is not encrypted and let it run for a while?

No go so far. I will however redo setup once again and leave it alone until tomorrow and see what happens.